 From:  Falcor <falcor at netassassin dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Filtering VPN Traffic?
 Date:  Mon, 01 Mar 2004 23:09:15 -0600

Um, question.  I have a VPN from one m0n0wall to another, works great.
I am testing out some ACLs to limit access from one network to the other
(e.g. allow SSH to hosts 1, 2, 3, but no rules for hosts 4, 5, 6).

I have the block rules in the firewall, under LAN interface, but that 
did not work.  I then tried WAN interface and no work.  I am writing the 
rules based on the network range of the remote network.

So:

Local network is 192.168.100.0/24
Remote network is 10.254.254.0/24

Rules state:
1.) allow ICMP from 10.254.254.0/24 to 192.168.100.151
2.) Block all from 10.254.254.0/24 to *

We have no blocking happening as our test host on the 10.254.254.0/24
network is able to access any and all TCP/UDP ports on all hosts.

help!